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^3. (NEW) A system for enforcing revocation in distributed systems, comprising: 

a) means for asserting a time stamped validity assertion pertaining to the validity of an 
initial Assertion; 

b) means for asserting freshness constraints indicating a length of time and the initial 
assertions that me freshness constraints relate to; and 



c) means for verifying that a relation | t tt0W - Ume stamp [ < S is satisfied for each particular 
assertion necessary forsyerification of a secure channel, where Ume stamp is a time of a time stamp 
pertaining to the validity assertion of a particular assertion, 5 being a minimum necessary 
freshness constraint pertaining, to the particular assertion and t now being the time of verification. 



54. (NEW) A system for protecting an authority of a distinguished principal and enforcing 
revocation when the authority is compromised, comprising: 

a) means for issuing an authoritativesassertion by a distinguished principal; 

b) means for asserting freshness constraints on the assertion; 

c) means for asserting a time stamped validity assertion to the assertion indicating the 
validity of the assertion at the time of the time stamp; and 

d) means for verifying that a relation | t now - ttimestamo | < S is satisfied for each 
particular assertion necessary for verification of a secure channel, where Uime stamp being the time 
of a time stamp pertaining to the validity assertion of the particular assertion, 5 being the 
minimum necessary freshness constraint pertaining to the particular\ssertion, and t now being the 
time of verification. 
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55\(NEW) A system for issuing certificates in a system for enforcing revocation in 
distributed systems, comprising: 

a) \neans for issuing certificates for principals within an organization by the 
organization; \ 

b) meansVor asserting, by the organization, a principal authorized as an authority for 
issuing time stampecrcertificates; 

c) means for delegating authority for issuing time stamped certificates; 

d) means for asserting freshness constraints on assertions; and 

e) means for verifying that a relation | t now - t time stamp j < 5 is satisfied for each particular 
assertion necessary for verificatio^f a secure channel, where tame stamp being a time of a time 
stamp pertaining to the validity assertion of a particular assertion, 5 being a minimum necessary 
freshness constraint pertaining to the particular assertion and t now being the time of verification. 

56. (NEW) A system for system security in a distributed system network, comprising: 

a) means for preparing a statement of an assigned revocation authority in a distributed 
system network in response to a policy, said revocationWhority statement being associated 
with an initial statement; \ 

b) means for preparing a statement of a freshness constraint period in the distributed 
system network in response to said policy, said freshness statement being associated with said 
revocation authority statement; \ 
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